Security has always been one of the top priority in IoT devices and infrastructure. The Online Trust Alliance has shared 10 tips to minimise IoT security vulnerabilities, specifically for devices which uses Wi-Fi for connectivity.
·
Every
password on every device should be updated from the default, and any device
that has an unchangeable default password shouldn’t be used at all. Permissions
need to be as minimal as possible to allow devices to function.
Every
password on every device should be updated from the default, and any device
that has an unchangeable default password shouldn’t be used at all. Permissions
need to be as minimal as possible to allow devices to function.
·
Do
your homework – everything that goes on your network, as well as any associated
back-end or cloud services that work with it, needs to be carefully researched
before it’s put into production.
Do
your homework – everything that goes on your network, as well as any associated
back-end or cloud services that work with it, needs to be carefully researched
before it’s put into production.
·
It’s
a good idea to have a separate network, behind a firewall and under careful
monitoring, for IoT devices whenever possible. This helps keep potentially
insecure devices away from core networks and resources.
It’s
a good idea to have a separate network, behind a firewall and under careful
monitoring, for IoT devices whenever possible. This helps keep potentially
insecure devices away from core networks and resources.
·
Don’t
use features you don’t need – the OTA gives the example of a smart TV used for
display only, which means you can definitely deactivate its microphone and even
its connectivity.
Don’t
use features you don’t need – the OTA gives the example of a smart TV used for
display only, which means you can definitely deactivate its microphone and even
its connectivity.
·
Look
for the physical compromise – anything with a hardware “factory reset” switch,
open port or default password is vulnerable.
Look
for the physical compromise – anything with a hardware “factory reset” switch,
open port or default password is vulnerable.
·
Gizmos
that connect automatically to open Wi-Fi networks are a bad idea. Make sure
they don’t do that.
Gizmos
that connect automatically to open Wi-Fi networks are a bad idea. Make sure
they don’t do that.
·
If
you can’t block all incoming traffic to your IoT devices, make sure that there
aren’t open software ports that a malefactor could use to control them.
If
you can’t block all incoming traffic to your IoT devices, make sure that there
aren’t open software ports that a malefactor could use to control them.
·
Encryption
is a great thing. If there’s any way you can get your IoT devices to send and
receive their data using encryption, do it.
Encryption
is a great thing. If there’s any way you can get your IoT devices to send and
receive their data using encryption, do it.
·
Updates
are also a good and great thing – whether you’ve got to manually check every
month or your devices update on their own, make sure they’re getting patches.
Don’t use equipment that can’t get updates.
Updates
are also a good and great thing – whether you’ve got to manually check every
month or your devices update on their own, make sure they’re getting patches.
Don’t use equipment that can’t get updates.
·
Underlining
the above, don’t use products that are no longer supported by their
manufacturers or that can no longer be secured.
Underlining
the above, don’t use products that are no longer supported by their
manufacturers or that can no longer be secured.
About OTA
The
Online Trust Alliance is an initiative within the Internet Society (ISOC), a
global non-profit dedicated to ensuring the open development, evolution and use
of the Internet. OTA’s mission is to enhance online trust, user empowerment and
innovation through convening multi-stakeholder initiatives, developing and
promoting best practices, ethical privacy practices and data stewardship.
https://otalliance.org/ https://internetsociety.org.
Online Trust Alliance is an initiative within the Internet Society (ISOC), a
global non-profit dedicated to ensuring the open development, evolution and use
of the Internet. OTA’s mission is to enhance online trust, user empowerment and
innovation through convening multi-stakeholder initiatives, developing and
promoting best practices, ethical privacy practices and data stewardship.
https://otalliance.org/ https://internetsociety.org.
For the LATEST tech updates,
FOLLOW us on our Twitter
LIKE us on our FaceBook
SUBSCRIBE to us on our YouTube Channel!
